moco
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@membranehq/clipackage via NPM. This is a verified utility belonging to the skill's authoring organization (Membrane). - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI tool for managing connections and executing MOCO actions. This includes specialized commands for authentication, action discovery, and direct API requests via a proxy. - [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from MOCO API endpoints (such as timesheets, projects, and tasks) into the agent's context, which constitutes an indirect prompt injection surface.
- Ingestion points: Data retrieved from MOCO via
membrane action runandmembrane requestcommands (SKILL.md). - Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for the received data.
- Capability inventory: The skill can execute CLI commands and make network requests (SKILL.md).
- Sanitization: No explicit sanitization or validation logic for external API responses is provided within the skill description.
Audit Metadata